Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4082/F84D2708DD6011EBB257B76DC4F9AE02/7D3FF212DD6411EB9A873075C4F9AE02.roa
File: 7D3FF212DD6411EB9A873075C4F9AE02.roa (raw, json)
Hash identifier: YvlXrVXz/zzpF6GNBI4eGW8M/tc7OrqtZsEQDkLjWEE=
Subject key identifier: B0:9A:0C:CA:81:8C:BA:04:35:28:6D:6B:13:0B:CA:A2:CE:76:C5:AF
Certificate issuer: /CN=A91C4082/serialNumber=82B581E1BA1683AB591FEBCB5D244B91EE9D6F15
Certificate serial: FE
Authority key identifier: 82:B5:81:E1:BA:16:83:AB:59:1F:EB:CB:5D:24:4B:91:EE:9D:6F:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/grWB4boWg6tZH-vLXSRLke6dbxU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C4082/F84D2708DD6011EBB257B76DC4F9AE02/7D3FF212DD6411EB9A873075C4F9AE02.roa
Signing time: Wed 10 Nov 2021 03:11:40 +0000
ROA not before: Wed 10 Nov 2021 03:11:40 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 131111
IP address blocks: 103.75.24.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 254 (0xfe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C4082/serialNumber=82B581E1BA1683AB591FEBCB5D244B91EE9D6F15
Validity
Not Before: Nov 10 03:11:40 2021 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=618b386c-e464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:3f:d0:9a:85:1d:90:a2:9b:cc:59:1f:b9:45:
eb:09:44:97:63:6d:3e:b4:f5:70:04:a1:0e:51:59:
f2:3e:b6:a5:fb:85:99:b3:33:c4:56:bf:66:2a:5e:
65:f2:37:53:13:a9:cb:b9:e2:ca:90:65:8f:3f:db:
8e:0e:64:45:25:46:ae:b5:81:65:a3:be:d7:f5:a1:
e4:a6:36:15:ae:e3:e5:09:37:2f:24:0d:c0:00:be:
cf:65:79:20:ae:a7:a2:12:a1:5e:a1:0c:07:93:7a:
7a:ee:5e:07:0f:c9:21:ae:65:31:7e:4c:a9:b8:62:
55:0b:1f:94:bc:fc:c9:cf:35:5f:80:2d:6c:d3:c2:
c8:ca:7e:66:20:ba:58:7d:0e:b8:f7:98:5c:a4:5d:
86:d1:af:f9:a3:52:09:63:5f:d8:33:a9:5d:d7:03:
f8:6f:49:38:bf:ee:96:1a:ec:25:04:a4:1a:ad:90:
cd:53:a6:19:3c:16:51:ce:da:0f:21:55:ff:e0:46:
06:01:ec:3d:03:aa:69:a0:c3:50:b1:79:34:c0:32:
fd:e6:a3:58:60:9a:39:f4:87:3f:06:9b:74:ca:52:
20:d6:56:85:e5:9f:a4:61:a4:fa:d4:9c:fd:1c:fe:
a9:dd:2c:b7:17:7a:b3:bc:1b:3f:03:22:eb:c0:e5:
e1:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:9A:0C:CA:81:8C:BA:04:35:28:6D:6B:13:0B:CA:A2:CE:76:C5:AF
X509v3 Authority Key Identifier:
keyid:82:B5:81:E1:BA:16:83:AB:59:1F:EB:CB:5D:24:4B:91:EE:9D:6F:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C4082/F84D2708DD6011EBB257B76DC4F9AE02/grWB4boWg6tZH-vLXSRLke6dbxU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/grWB4boWg6tZH-vLXSRLke6dbxU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4082/F84D2708DD6011EBB257B76DC4F9AE02/7D3FF212DD6411EB9A873075C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.75.24.0/22
Signature Algorithm: sha256WithRSAEncryption
05:4d:ee:e1:f9:1c:b3:66:5f:3b:2e:27:52:91:3d:b1:09:2a:
52:fa:47:01:9c:5c:9c:cd:d8:25:00:be:aa:08:95:fb:f9:d5:
c8:04:9e:85:48:20:d3:35:ac:09:bd:4c:30:4e:92:1d:5c:7d:
0e:42:6b:c2:a2:db:d9:6c:20:07:db:c9:ff:02:b5:0d:37:cd:
0c:09:08:0a:e1:ae:72:c4:26:6d:a3:e7:1b:8d:cb:69:c2:d9:
e7:42:70:9e:7f:ea:b6:7b:7f:83:92:c7:e1:9d:99:c4:83:e3:
1a:23:fa:06:6f:f4:40:66:61:bb:ed:a6:11:c0:82:ac:67:82:
9c:39:c2:bd:00:85:b0:3e:e2:4c:94:4f:16:d1:46:83:0c:47:
5b:4d:67:f6:72:68:18:5d:29:f1:42:6c:cc:32:e9:55:fb:70:
4a:67:af:bc:1d:51:40:15:3f:a6:d3:5a:fd:e1:74:a1:5b:7d:
3f:e3:82:6b:94:36:42:7f:d9:2f:ae:1c:83:77:30:f6:29:85:
35:3b:45:5a:dd:46:0d:2b:84:86:df:ce:73:a2:07:aa:3c:1e:
23:95:a8:52:07:d0:db:e9:95:b6:24:98:36:af:94:9c:2b:71:
12:ce:04:9c:ef:a9:f1:f2:02:27:dd:2e:23:94:03:a6:54:8d:
bb:23:b3:6d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAP4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzQwODIxMTAvBgNVBAUTKDgyQjU4MUUxQkExNjgzQUI1OTFGRUJDQjVEMjQ0Qjkx
RUU5RDZGMTUwHhcNMjExMTEwMDMxMTQwWhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MThiMzg2Yy1lNDY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnz/QmoUdkKKbzFkfuUXrCUSXY20+tPVwBKEOUVnyPral+4WZszPEVr9mKl5l
8jdTE6nLueLKkGWPP9uODmRFJUautYFlo77X9aHkpjYVruPlCTcvJA3AAL7PZXkg
rqeiEqFeoQwHk3p67l4HD8khrmUxfkypuGJVCx+UvPzJzzVfgC1s08LIyn5mILpY
fQ6495hcpF2G0a/5o1IJY1/YM6ld1wP4b0k4v+6WGuwlBKQarZDNU6YZPBZRztoP
IVX/4EYGAew9A6ppoMNQsXk0wDL95qNYYJo59Ic/Bpt0ylIg1laF5Z+kYaT61Jz9
HP6p3Sy3F3qzvBs/AyLrwOXhKQIDAQABo4IClTCCApEwHQYDVR0OBBYEFLCaDMqB
jLoENShtaxMLyqLOdsWvMB8GA1UdIwQYMBaAFIK1geG6FoOrWR/ry10kS5HunW8V
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNDA4Mi9GODREMjcwOERE
NjAxMUVCQjI1N0I3NkRDNEY5QUUwMi9ncldCNGJvV2c2dFpILXZMWFNSTGtlNmRi
eFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dyV0I0Ym9XZzZ0WkgtdkxYU1JMa2U2ZGJ4VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzQwODIvRjg0RDI3MDhERDYwMTFFQkIyNTdCNzZEQzRGOUFFMDIvN0QzRkYyMTJE
RDY0MTFFQjlBODczMDc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnSxgwDQYJKoZIhvcNAQELBQADggEBAAVN7uH5HLNmXzsu
J1KRPbEJKlL6RwGcXJzN2CUAvqoIlfv51cgEnoVIINM1rAm9TDBOkh1cfQ5Ca8Ki
29lsIAfbyf8CtQ03zQwJCArhrnLEJm2j5xuNy2nC2edCcJ5/6rZ7f4OSx+GdmcSD
4xoj+gZv9EBmYbvtphHAgqxngpw5wr0AhbA+4kyUTxbRRoMMR1tNZ/ZyaBhdKfFC
bMwy6VX7cEpnr7wdUUAVP6bTWv3hdKFbfT/jgmuUNkJ/2S+uHIN3MPYphTU7RVrd
Rg0rhIbfznOiB6o8HiOVqFIH0NvplbYkmDavlJwrcRLOBJzvqfHyAifdLiOUA6ZU
jbsjs20=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:06 2023 by rpki-client on console-fra.rpki-client.org